sparc: Move sigreturn stub to assemblygentoo/glibc-2.29-9 gentoo/2.29

It seems that some gcc versions might generates a stack frame for the sigreturn stub requires on sparc signal handling. For instance: $ cat test.c #define _GNU_SOURCE #include <sys/syscall.h> __attribute__ ((__optimize__ ("-fno-stack-protector"))) void __sigreturn_stub (void) { __asm__ ("mov %0, %%g1\n\t" "ta 0x10\n\t" : /* no outputs */ : "i" (SYS_rt_sigreturn)); } $ gcc -v [...] gcc version 9.2.1 20200224 (Debian 9.2.1-30) $ gcc -O2 -m64 test.c -S -o - [...] __sigreturn_stub: save %sp, -176, %sp #APP ! 9 "t.c" 1 mov 101, %g1 ta 0x10 ! 0 "" 2 #NO_APP .size __sigreturn_stub, .-__sigreturn_stub As indicated by kernel developers [1], the sigreturn stub can not change the register window or the stack pointer since the kernel has setup the restore frame at a precise location relative to the stack pointer when the stub is invoked. I tried to play with some compiler flags and even with _Noreturn and __builtin_unreachable after the asm does not help (and Sparc does not support naked functions). To avoid similar issues, as the stack-protector support also have stumbled, this patch moves the implementation of the sigreturn stubs to assembly. Checked on sparcv9-linux-gnu and sparc64-linux-gnu with gcc 9.2.1 and gcc 7.5.0. [1] https://lkml.org/lkml/2016/5/27/465 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
author: Adhemerval Zanella <adhemerval.zanella@linaro.org> 2020-03-05 13:38:24 -0300
committer: Sergei Trofimovich <slyfox@gentoo.org> 2020-04-03 23:21:49 +0100
commit: 15145dead72361d0a7e87dcca1dcad199005e55a (patch)
tree: c2157044d7df958b3c2e6b1c40b1a17400339c03
parent: Update NEWS for CVE-2019-19126 (diff)
download: glibc-15145dead72361d0a7e87dcca1dcad199005e55a.tar.gz
glibc-15145dead72361d0a7e87dcca1dcad199005e55a.tar.bz2
glibc-15145dead72361d0a7e87dcca1dcad199005e55a.zip
5 files changed, 73 insertions, 38 deletions
diff --git a/sysdeps/unix/sysv/linux/sparc/Makefile b/sysdeps/unix/sysv/linux/sparc/Makefile
index fb3ee5b8a1..7b91ff1824 100644
--- a/sysdeps/unix/sysv/linux/sparc/Makefile
+++ b/sysdeps/unix/sysv/linux/sparc/Makefile
@@ -15,8 +15,12 @@ ifeq ($(subdir),sysvipc)
 sysdep_routines += getshmlba
 endif
 
+ifeq ($(subdir),signal)
+sysdep_routines += sigreturn_stub
+endif
+
 ifeq ($(subdir),nptl)
 # pull in __syscall_error routine
-libpthread-routines += sysdep
-libpthread-shared-only-routines += sysdep
+libpthread-routines += sysdep sigreturn_stub
+libpthread-shared-only-routines += sysdep sigreturn_stub
 endif
diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/sigaction.c b/sysdeps/unix/sysv/linux/sparc/sparc32/sigaction.c
index de7ef6f151..f36e924af4 100644
--- a/sysdeps/unix/sysv/linux/sparc/sparc32/sigaction.c
+++ b/sysdeps/unix/sysv/linux/sparc/sparc32/sigaction.c
@@ -24,8 +24,8 @@
 #include <kernel_sigaction.h>
 #include <sysdep.h>
 
-static void __rt_sigreturn_stub (void);
-static void __sigreturn_stub (void);
+void __rt_sigreturn_stub (void);
+void __sigreturn_stub (void);
 
 #define STUB(act, sigsetsize) \
   (act) ? ((unsigned long)((act->sa_flags & SA_SIGINFO)	\
@@ -35,25 +35,3 @@ static void __sigreturn_stub (void);
   (sigsetsize)
 
 #include <sysdeps/unix/sysv/linux/sigaction.c>
-
-static
-inhibit_stack_protector
-void
-__rt_sigreturn_stub (void)
-{
-  __asm__ ("mov %0, %%g1\n\t"
-	   "ta	0x10\n\t"
-	   : /* no outputs */
-	   : "i" (__NR_rt_sigreturn));
-}
-
-static
-inhibit_stack_protector
-void
-__sigreturn_stub (void)
-{
-  __asm__ ("mov %0, %%g1\n\t"
-	   "ta	0x10\n\t"
-	   : /* no outputs */
-	   : "i" (__NR_sigreturn));
-}
diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S b/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S
new file mode 100644
index 0000000000..727cc94737
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/sparc/sparc32/sigreturn_stub.S
@@ -0,0 +1,34 @@
+/* Sigreturn stub function used on sa_restore field.
+   Copyright (C) 2020 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <sysdep.h>
+
+/* These functions must not change the register window or the stack
+   pointer [1].
+
+   [1] https://lkml.org/lkml/2016/5/27/465  */
+
+ENTRY (__rt_sigreturn_stub)
+	mov	__NR_rt_sigreturn, %g1
+	ta	0x10
+END (__rt_sigreturn_stub)
+
+ENTRY (__sigreturn_stub)
+	mov	__NR_sigreturn, %g1
+	ta	0x10
+END (__sigreturn_stub)
diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c b/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c
index 3b8be43c07..4772ec2553 100644
--- a/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c
+++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigaction.c
@@ -22,21 +22,11 @@
 #include <syscall.h>
 #include <sysdep.h>
 
-static void __rt_sigreturn_stub (void);
+/* Defined on sigreturn_stub.S.  */
+void __rt_sigreturn_stub (void);
 
 #define STUB(act, sigsetsize) \
   (((unsigned long) &__rt_sigreturn_stub) - 8),	\
   (sigsetsize)
 
 #include <sysdeps/unix/sysv/linux/sigaction.c>
-
-static
-inhibit_stack_protector
-void
-__rt_sigreturn_stub (void)
-{
-  __asm__ ("mov %0, %%g1\n\t"
-	   "ta	0x6d\n\t"
-	   : /* no outputs */
-	   : "i" (__NR_rt_sigreturn));
-}
diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S b/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S
new file mode 100644
index 0000000000..add4766831
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/sparc/sparc64/sigreturn_stub.S
@@ -0,0 +1,29 @@
+/* Sigreturn stub function used on sa_restore field.
+   Copyright (C) 2020 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <sysdep.h>
+
+/* This function must not change the register window or the stack
+   pointer [1].
+
+   [1] https://lkml.org/lkml/2016/5/27/465  */
+
+ENTRY (__rt_sigreturn_stub)
+	mov	__NR_rt_sigreturn, %g1
+	ta	0x6d
+END (__rt_sigreturn_stub)
author	Adhemerval Zanella <adhemerval.zanella@linaro.org>	2020-03-05 13:38:24 -0300
committer	Sergei Trofimovich <slyfox@gentoo.org>	2020-04-03 23:21:49 +0100
commit	15145dead72361d0a7e87dcca1dcad199005e55a (patch)
tree	c2157044d7df958b3c2e6b1c40b1a17400339c03
parent	Update NEWS for CVE-2019-19126 (diff)
download	glibc-15145dead72361d0a7e87dcca1dcad199005e55a.tar.gz glibc-15145dead72361d0a7e87dcca1dcad199005e55a.tar.bz2 glibc-15145dead72361d0a7e87dcca1dcad199005e55a.zip